¹è³Ê
  FIREWALL > Cisco PIX 500 Series
  ASA 5500 Cisco PIX 500 Series    
 
 
 
¾÷°è ÃÖ°íÀÇ Cisco PIX¢ç Security Appliance Series´Â stateful inspection ¹æ½ÄÀÇ ¹æÈ­º®, ÇÁ·ÎÅäÄÝ ¹× ¾ÖÇø®ÄÉÀÌ¼Ç °Ë»ç, VPN(Virtual Private Network), ÀζóÀΠħÀÔ ¹æÁö, ±×¸®°í dzºÎÇÑ ¸ÖƼ¹Ìµð¾î ¹× À½¼º º¸¾ÈÀ» ºñ¿ë È¿À²ÀûÀÌ°í ¹èÄ¡Çϱ⠽¬¿î ¼Ö·ç¼Ç¿¡ ÅëÇÕÇÑ °­·ÂÇÑ ¿£ÅÍÇÁ¶óÀÌÁî±Þ ÅëÇÕ ³×Æ®¿öÅ© º¸¾È ¼­ºñ½º¸¦ Á¦°øÇÕ´Ï´Ù. ÀÌ·¯ÇÑ ÅëÇÕ ±â¼úµéÀº ¿À´Ã³¯ÀÇ ±Þº¯ÇÏ´Â ³×Æ®¿öÅ© ȯ°æÀ» À§ÇØ ¿©·¯ °èÃþÀÇ °­·ÂÇÑ º¸È£¸·À» Çü¼ºÇÕ´Ï´Ù. SOHO¸¦ À§ÇÑ ÄÄÆÑÆ®ÇÑ "Ç÷¯±×-¾Ø-Ç÷¹ÀÌ" µ¥½ºÅ©Å¾ ¹æÈ­º®¿¡¼­ °¡Àå ±î´Ù·Î¿î ´ë±â¾÷ ¹× ¼­ºñ½º Á¦°ø¾÷ü ȯ°æÀ» À§ÇÑ ¸ðµâÇü Åë½Å»ç¾÷ü±Þ ±â°¡ºñÆ® ¹æÈ­º®¿¡ À̸£±â±îÁö Cisco PIX Security Appliance´Â ±Ô¸ð¿¡ »ó°ü¾øÀÌ ¸ðµç ³×Æ®¿öÅ© ȯ°æÀ» À§ÇØ °ß°íÇÑ º¸¾È, ¼º´É ¹× ½Å·Ú¼ºÀ» Á¦°øÇÕ´Ï´Ù.
dzºÎÇÑ º¸¾È ¼­ºñ½º¸¦ Á¦°øÇϵµ·Ï ¼³°èµÈ Ư¼ö ¸ñÀûÀÇ °ß°íÇÑ ¿î¿µÃ¼Á¦¿¡ ±â¹ÝÇÑ Cisco PIX Security Appliance´Â ÃÖ°í ¼öÁØÀÇ º¸¾ÈÀ» Á¦°øÇϸç, ICSA Labs Firewall ¹× IPSec ÀÎÁõÀº ¹°·Ð Common Criteria EAL(Evaluation Assurance Level) 4 µî±ÞÀ» ºñ·ÔÇÑ ¾÷°è Ç¥ÁØÀ» ´Ù¼ö ȹµæÇÏ¿´½À´Ï´Ù. Cisco PIX Security Appliance´Â VLAN(802.1Q ű×) Áö¿ø, OSPF µ¿Àû ¶ó¿ìÆÃ, NAT(Network Address Translation), PAT(Port Address Translation), ÄÁÅÙÆ® ÇÊÅ͸µ(Java/ActiveX), URL ÇÊÅ͸µ, AAA(RADIUS/TACACS+) ÅëÇÕ, ÁÖ¿ä X.509 PKI ¼Ö·ç¼Ç Áö¿ø, DHCP Ŭ¶óÀ̾ðÆ®/¼­¹ö/¸±·¹ÀÌ, PPPoE Áö¿ø µî ¸Å¿ì ±¤¹üÀ§ÇÑ º¸¾È ¹× ³×Æ®¿öÅ· ¼­ºñ½º¸¦ Á¦°øÇÕ´Ï´Ù.
Cisco PIX Security Appliance´Â ¶ÇÇÑ H.323 Version 4, SIP(Session Initiation Protocol), Cisco SCCP(Skinny Client Control Protocol), RTSP(Real Time Streaming Protocol) ¹× MGCP(Media Gateway Control Protocol)¿Í °°Àº ¸ÖƼ¹Ìµð¾î ¹× À½¼º Ç¥ÁØÀ» À§ÇÑ °í±Þ º¸¾È ¼­ºñ½ºµµ Á¦°øÇϹǷΠ±â¾÷µéÀº ÅëÇÕµÈ µ¥ÀÌÅÍ, À½¼º ¹× ºñµð¿À ³×Æ®¿öÅ©°¡ Á¦°øÇÏ´Â ¸¹Àº ÀÌÁ¡µéÀ» ¾ÈÀüÇÏ°Ô ÀÌ¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
±â¾÷µéÀº Cisco PIX Security Appliance°¡ Á¦°øÇÏ´Â ¿Ïº®ÇÑ ±â´ÉÀÇ VPN ´É·ÂÀ» Ȱ¿ëÇÏ¿© Àü¼¼°è À̵¿ »ç¿ëÀÚ, ºñÁî´Ï½º ÆÄÆ®³Ê ¹× ¿ø°Ý »ç¹«½Ç±îÁö Àú·ÅÇÑ ÀÎÅÍ³Ý ¿¬°áÀ» ÅëÇØ ¾ÈÀüÇÏ°Ô ³×Æ®¿öÅ©¸¦ È®ÀåÇÒ ¼ö ÀÖ½À´Ï´Ù. ¼Ö·ç¼ÇÀº IKE(Internet Key Exchange)¿Í IPSec(IP Security) VPN Ç¥ÁØÀ» Ȱ¿ëÇϴ ǥÁØ ±â¹ÝÀÇ »çÀÌÆ®-Åõ-»çÀÌÆ® VPN¿¡¼­ Cisco PIX Security Appliance¿Í ±âŸ ½Ã½ºÄÚ º¸¾È ¼Ö·ç¼Ç(Cisco IOSR ¶ó¿ìÅÍ, Cisco VPN 3000 Series Concentrator µî)¿¡ äÅÃµÈ Çõ½ÅÀûÀÎ Easy VPN ±â´Éµé¿¡ À̸£±â±îÁö ´Ù¾çÇÕ´Ï´Ù. Easy VPNÀº È®À强°ú °æÁ¦¼º, °ü¸® ¿ëÀ̼ºÀÌ ¶Ù¾î³­ ¿ø°Ý ¾×¼¼½º VPN ¾ÆÅ°ÅØÃ³¸¦ Á¦°øÇϹǷΠÀϹÝÀûÀ¸·Î ÀüÅëÀûÀÎ VPN ¼Ö·ç¼Ç¿¡¼­ ÇÊ¿äÇÑ ¿ø°Ý ÀåÄ¡ ±¸¼º À¯Áö¿¡ µû¸£´Â ¿î¿µ ºñ¿ëÀÌ Àý°¨µË´Ï´Ù.
Cisco PIX Security Appliance´Â ½Ã½ºÄÚ ¼ÒÇÁÆ®¿þ¾î VPN Ŭ¶óÀ̾ðÆ®(Microsoft Windows, Linux, Solaris ¹× Mac OS X°ú °°Àº °¢Á¾ Ç÷§Æû¿¡¼­ »ç¿ë °¡´É), ½Ã½ºÄÚ Çϵå¿þ¾î VPN Ŭ¶óÀ̾ðÆ®(PIX 501/506E, VPN 3002 ¶Ç´Â Cisco 800/1700 Series Router µî)´Â ¹°·Ð Microsoft Windows ¿î¿µÃ¼Á¦ÀÇ PPTP ¹× L2TP Ŭ¶óÀÌ¾ðÆ® µî ±¤¹üÀ§ÇÑ ¿ø°Ý ¾×¼¼½º VPN Ŭ¶óÀÌ¾ðÆ®¸¦ Áö¿øÇÕ´Ï´Ù. Cisco PIX Security Appliance´Â 56ºñÆ® DES(Data Encryption Standard), 168ºñÆ® 3DES(Triple DES) ¶Ç´Â ÃÖ´ë 256ºñÆ®ÀÇ AES(Advanced Encryption Standard) ¾Ïȣȭ¸¦ »ç¿ëÇÏ¿© µ¥ÀÌÅ͸¦ ¾ÏȣȭÇÕ´Ï´Ù. ´Ù¾çÇÑ Cisco PIX Security Appliance ¸ðµ¨Àº ¸ðµâ½Ä ¾÷±×·¹À̵带 Áö¿øÇϰí, ÅëÇÕ Çϵå¿þ¾î VPN °¡¼ÓÈ­ ±â´ÉÀ» ÅëÇÕÇÏ¿©, ³ôÀº È®À强À» ÀÚ¶ûÇÏ´Â °í¼º´É VPN ¼­ºñ½º¸¦ Á¦°øÇÕ´Ï´Ù.
°ü¸®ÀÚµéÀº Cisco PIX Security ApplianceÀÇ ¿ø°Ý ±¸¼º, ¸ð´ÏÅ͸µ ¹× ¹®Á¦ ÇØ°áÀ» À§ÇÑ ´Ù¾çÇÑ ¼Ö·ç¼ÇÀ» ¼±ÅÃÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ·¯ÇÑ ¼Ö·ç¼ÇÀº Áß¾Ó ÁýÁᫎ Á¤Ã¥ ±â¹Ý °ü¸® Åø¿¡¼­ SNMP(Simple Network Management Protocol)³ª syslog¿Í °°Àº ¿ø°Ý ¸ð´ÏÅ͸µ ÇÁ·ÎÅäÄÝÀ» Áö¿øÇϱâ À§ÇÑ ÅëÇÕ À¥ ±â¹Ý °ü¸®(PIX Device Manager)¿¡ À̸£±â±îÁö ¸Å¿ì ´Ù¾çÇÕ´Ï´Ù. Cisco PIX Security Appliance´Â ¶ÇÇÑ ¹æÈ­º® ±¸¼º°ú ¼ÒÇÁÆ®¿þ¾î À̹ÌÁö¸¦ ÃÖ½ÅÀ¸·Î À¯Áö½ÃÄÑ ÁÖ´Â ÀÏ·ÃÀÇ Çõ½ÅÀûÀÌ°í ¾ÈÀüÇÑ ¿ø°Ý °ü¸® ¼­ºñ½ºÀÎ °ß°íÇÑ ÀÚµ¿ ¾÷µ¥ÀÌÆ®(Auto Update) ±â´Éµµ Æ÷ÇÔÇϰí ÀÖ½À´Ï´Ù. °ü¸®ÀÚµéÀº ¶ÇÇÑ Telnet, SSH(Secure Shell) ¶Ç´Â ÄÜ¼Ö Æ÷Æ®¸¦ ÅëÇÑ ´ë¿ª¿Ü ½Ã½ºÅÛÀ» ºñ·ÔÇÑ ´Ù¾çÇÑ ¹æ¹ýÀ» ÅëÇØ Æí¸®ÇÑ CLI(Command-Line Interface)¸¦ »ç¿ëÇÏ¿© Cisco PIX Security Appliance¸¦ °ü¸®ÇÒ ¼ö ÀÖ½À´Ï´Ù.